Lucene search

[email protected]NVD:CVE-2004-1396

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1396

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.01

Percentile

83.9%

JSON

Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.

Affected configurations

Nvd

Node

nullsoftwinampMatch5.07

VendorProductVersionCPE
nullsoftwinamp5.07cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nullsoft	winamp	5.07	cpe:2.3:a:nullsoft:winamp:5.07:::::::*

References

forums.winamp.com/showthread.php?s=&threadid=202007

marc.info/?l=bugtraq&m=110297310503541&w=2

marc.info/?l=full-disclosure&m=110303988101973&w=2

securitytracker.com/alerts/2004/Dec/1012525.html

www.kb.cert.org/vuls/id/372968

www.securityfocus.com/bid/11909

exchange.xforce.ibmcloud.com/vulnerabilities/18466

exchange.xforce.ibmcloud.com/vulnerabilities/18467

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.01

Percentile

83.9%

JSON

Related for NVD:CVE-2004-1396

cvelist1 nessus1 cve1